@osdk/maker
The Maker package provides a type-safe, programmatic way to define ontologies, which are the foundation for structured data in Palantir Foundry. This document provides examples of how to use the maker API to define various ontology entities.
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): jiti is a declared runtime dep used as a config loader; phantom-dep heuristic fires on indirect usage patterns common in CLI tools. | ai | |
| phantom-deps | phantom-dep:ts-node | AI (phantom-deps): ts-node declared as runtime dep for TypeScript execution; referenced in config files is expected for this CLI tool. | ai | |
| phantom-deps | phantom-dep:@osdk/api | AI (phantom-deps): Same-org sibling dep; phantom-dep heuristic is a stable false positive for monorepo packages. | ai | |
| phantom-deps | phantom-dep:semver-ts | AI (phantom-deps): Declared runtime dep; phantom-dep firing on config-file references is a stable false positive here. | ai |
Versions (showing 27 of 27)
| Version | Deps | Published |
|---|---|---|
| 0.33.0 | 10 / 8 | |
| 0.32.0 | 10 / 8 | |
| 0.31.0 | 10 / 8 | |
| 0.30.0 | 10 / 8 | |
| 0.29.0 | 10 / 8 | |
| 0.28.0 | 10 / 8 | |
| 0.27.0 | 10 / 8 | |
| 0.26.0 | 10 / 8 | |
| 0.25.0 | 10 / 8 | |
| 0.24.0 | 10 / 8 | |
| 0.23.0 | 10 / 8 | |
| 0.22.0 | 10 / 8 | |
| 0.21.0 | 10 / 8 | |
| 0.20.0 | 10 / 8 | |
| 0.16.0 | 10 / 8 | |
| 0.13.0 | 8 / 7 | |
| 0.12.2 | 7 / 8 | |
| 0.12.1 | 7 / 8 | |
| 0.12.0 | 7 / 8 | |
| 0.11.4 | 7 / 8 | |
| 0.11.3 | 7 / 8 | |
| 0.11.2 | 7 / 8 | |
| 0.11.1 | 7 / 8 | |
| 0.11.0 | 7 / 8 | |
| 0.10.1 | 6 / 8 | |
| 0.10.0 | 6 / 8 | |
| 0.9.5 | 6 / 7 |
v0.33.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.32.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.31.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.30.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.29.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.28.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.27.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.26.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.25.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.24.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.11.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.11.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.11.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.11.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.11.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.10.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.10.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.